package com.jy.api.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.Http401AuthenticationEntryPoint;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * Created by hanxi on 2017/7/4.
 */
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                .antMatchers("/*.txt").permitAll()
                //不需要权限校验接口
                .antMatchers("/v1/clerk/login",
                        "/v1/pos/login", "/v1/pos/authorize",
                        "/v1/admin/authorize", "/v1/clerk/authorize", "/pos", "/v1/stock/**",
                        "/v1/pos/workshift/{id}", "v1/admin/search-store-pay", "v1/admin/store-pay-merge","/v1/pos/orders/{orderId}", "v1/admin/store-pay", "/v1/team/**", "/v1/pos/member-charges/{id}", "v1/call/service", "/v1/admin/index", "/v1/call/**").authenticated()
                .antMatchers("/v1/pos/**").access("hasRole('POS')")
                .antMatchers("/v1/clerk/**").access("hasRole('CLERK')")
                .antMatchers("/v1/stock/**").access("hasRole('STOCK')")
                .anyRequest().authenticated()
                .and()
                .httpBasic().authenticationEntryPoint(new Http401AuthenticationEntryPoint("token"))
                .and().rememberMe().key("huoxingyun")
                .and().csrf().disable()
                .logout().permitAll().logoutSuccessHandler(new LogoutSuccessHandler());
    }


    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/v1/verify-code", "/pos", "/v1/admin/sign-up",
                "/wechat/**", "/MP_verify_*",
                "/v1/admin/reset-pwd", "/v1/pos/reset-pwd", "/v1/xf/service", "/v1/clerk/reset-pwd",  "/v1/inv/reset-pwd","/v1/stock/reset-pwd",
                "/v1/wechat/member-binding", "/v1/pos/test", "/v1/sales/stores","/v1/pos/orders/{orderId}",
                "/wechat/open-id", "/v1/wechat/**", "/v1/member/**", "v1/admin/search-store-pay", "v1/admin/store-pay-merge", "v1/admin/store-pay", "v1/call/service", "/v1/system/notice", "/v1/table/**",
                "/v1/admin/workshift/{id}/details", "/v1/clerk/logout", "/v1/admin/get-sales","/v1/admin/region/list",
                "/v1/pos/logout", "/v1/admin/logout", "/v1/admin/{id}/coupon-instance",
                "/v1/admin/{orderId}/order-info", "/v1/image/upload", "/v1/image/json/upload",
                "/v1/synch/{orderId}/order", "/v1/web/**", "/v1/pay/**", "/v1/admin/stores/init", "/v1/admin/clientGet", "/v1/admin/map/detail",
                "/v1/admin/{id}/wechat-send-template", "/v1/admin/receive/coupon-instance",
                "/gs-guide-websocket/**", "/app/**", "/message/**", "/notice/**",
                "/v1/admin/coupon-share", "/v1/stock/**", "/man/**", "/v1/instance/remind", "/v1/shift/workshift/{id}", "/v1/admin/get-itemDetails", "/v1/pos/speech", "v1/clerk/getLong-code", "v1/admin/{storeId}/member",
                "/v1/call/**", "/v1/clone/**", "/v1/pos/charge-rules", "/v1/team/**", "/v1/pos/return-order", "/v1/pos/judge-psw", "/v1/pos/discount", "/v1/pos/member-charges/{id}");

    }


    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth, UserDetailsService userDetailsService) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
    }


}
